Datatrak import rework: Add another memory size ckeck

As a last minute addition, and for peace of mind and soul, add just
another size check, to run before reading values from buffer.

Signed-off-by: Salvador Cuñat <salvador.cunat@gmail.com>
This commit is contained in:
Salvador Cuñat 2017-05-07 14:26:56 +02:00 committed by Dirk Hohndel
parent 47dcc964b8
commit 75762e5f16

View file

@ -44,22 +44,26 @@ static const struct models_table_t g_models[] = {
extern struct sample *add_sample(struct sample *sample, int time, struct divecomputer *dc); extern struct sample *add_sample(struct sample *sample, int time, struct divecomputer *dc);
#define JUMP(_ptr, _n) if ((long) (_ptr += _n) > maxbuf) goto bail #define JUMP(_ptr, _n) if ((long) (_ptr += _n) > maxbuf) goto bail
#define CHECK(_ptr, _n) if ((long) _ptr + _n > maxbuf) goto bail
#define read_bytes(_n) \ #define read_bytes(_n) \
switch (_n) { \ switch (_n) { \
case 1: \ case 1: \
CHECK(membuf, _n); \
tmp_1byte = membuf[0]; \ tmp_1byte = membuf[0]; \
break; \ break; \
case 2: \ case 2: \
CHECK(membuf, _n); \
tmp_2bytes = two_bytes_to_int (membuf[1], membuf[0]); \ tmp_2bytes = two_bytes_to_int (membuf[1], membuf[0]); \
break; \ break; \
default: \ default: \
CHECK(membuf, _n); \
tmp_4bytes = four_bytes_to_long(membuf[3], membuf[2], membuf[1], membuf[0]); \ tmp_4bytes = four_bytes_to_long(membuf[3], membuf[2], membuf[1], membuf[0]); \
break; \ break; \
} \ } \
JUMP(membuf, _n); JUMP(membuf, _n);
#define read_string(_property) \ #define read_string(_property) \
CHECK(membuf, tmp_1byte); \
unsigned char *_property##tmp = (unsigned char *)calloc(tmp_1byte + 1, 1); \ unsigned char *_property##tmp = (unsigned char *)calloc(tmp_1byte + 1, 1); \
_property##tmp = memcpy(_property##tmp, membuf, tmp_1byte);\ _property##tmp = memcpy(_property##tmp, membuf, tmp_1byte);\
_property = (unsigned char *)strcat(to_utf8(_property##tmp), ""); \ _property = (unsigned char *)strcat(to_utf8(_property##tmp), ""); \